#!/bin/bash

#
# autosshfs-map -- Compute autofs map for user's SSHFS mounts.
#
## LICENSE
#
# Copyright 2011,2012,2013 hellekin <hellekin@riseup.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>,
# or, from the package source directory, run: make license
#
## USAGE
#
# autosshfs-map assumes the following constraints:
#
# 1. The mountpoint is under user's $HOME (at ~/mnt/ssh/MOUNTPOINT)
# 2. $HOME points to /home/$USER
# 3. $USER is a member of group autosshfs
#

# Basename of the path this script was invoked as; it prefixes diagnostics
# and is recorded in the generated wrapper.
PROGNAME=${0##*/}

# Install-time placeholders.
# NOTE(review): presumably substituted by the packaging step -- confirm.  If
# they are ever left unsubstituted, the literal values below are used as the
# group name and as the path prefix of the root-owned wrapper.
GROUP="%GROUP%"
PREFIX="%PREFIX%"

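#######################################
# Report a fatal error and terminate the script.
# Globals:   PROGNAME (read)
# Arguments: message words; joined by the first IFS character (a space by
#            default)
# Outputs:   "<PROGNAME>: <message>" on stderr
# Returns:   does not return; exits with status 1
#######################################
fail() {
  # Diagnostics go to stderr: stdout carries the map entry this script prints
  # on success, so error text must never be mixed into it.
  printf '%s: %s\n' "${PROGNAME}" "$*" >&2
  exit 1
}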

# Derive the user name from the current working directory, on the assumption
# that the mountpoint lives below /home/<user>/.
# NOTE(review): the name is inferred from a path component, not from an
# authenticated identity, and it is later used to build a file name and a
# script that root executes -- treat it as untrusted input.
cwd=$(builtin pwd)
cwd=${cwd#/home/}   # drop the leading /home/ when present
USER=${cwd%%/*}     # keep only the first remaining path component

# A directory outside /home still starts with "/" here, which leaves an
# empty name and aborts the lookup.
if [ -z "$USER" ]
then
  fail "missing user"
fi

# User must be in $GROUP
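#######################################
# Report whether a user belongs to a group (primary or supplementary).
# The group name is compared literally against each name printed by
# `id -Gn`; it is never used as a regular expression, so a name such as
# "ssh" matches neither "ssh-users" nor the user's own login name.
# Arguments: $1 - user name
#            $2 - group name
# Returns:   0 if the user is a member; 1 otherwise, including when either
#            argument is empty or the user is unknown to id(1)
#######################################
member() {
  local user="$1"
  local group="$2"
  local listing name
  local -a names=()

  if [ -z "$user" ] || [ -z "$group" ]
  then
    return 1
  fi

  # "--" keeps a name that starts with a dash from being parsed as an option.
  id -- "$user" &>/dev/null || return 1

  # The exit status is deliberately ignored: id(1) may report an error for a
  # group ID without a name while still listing the resolvable groups.
  listing=$(id -Gn -- "$user" 2>/dev/null)

  # read -a splits on whitespace without glob expansion.
  # NOTE(review): a group name that itself contains a space is split into
  # several words here -- confirm such names do not occur on target systems.
  IFS=' ' read -r -a names <<<"$listing"

  for name in "${names[@]}"
  do
    if [ "$name" = "$group" ]
    then
      return 0
    fi
  done
  return 1
}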
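# The user name was taken from a directory name and is interpolated below
# into a file name and into a script that root executes.  Accept only a
# conservative character set (no whitespace, no shell metacharacters, no
# leading dash or dot) before using it anywhere.  Widen the set here if the
# site has legitimate account names outside it.
[[ "$USER" =~ ^[A-Za-z0-9_][A-Za-z0-9_.@-]*$ ]] || fail "invalid user name"

member "$USER" "$GROUP" \
  || fail "user ${USER} must be a member of group ${GROUP}"

SSH_WRAPPER="${PREFIX}/bin/autosshfs-as-${USER}"

if [ ! -x "${SSH_WRAPPER}" ]
then
  generator="# Generated by ${PROGNAME} at $(date -R)"
  username="${USER}"

  # Build the wrapper in a private temporary file next to its destination
  # (mktemp creates it with mode 0600) and rename it into place only once
  # content, owner and mode are all final.  A concurrent lookup therefore
  # never sees an executable wrapper that is still empty or half written.
  wrapper_tmp=$(mktemp "${SSH_WRAPPER}.XXXXXX") \
    || fail "cannot create ${SSH_WRAPPER}"

  if ! cat > "$wrapper_tmp" <<EOD
#!/bin/sh
#
# autosshfs-as-${username}
#
# Wrapper script to make automount use the user's ssh-agent(1)
# when mounting SSHFS.  It is used as the ssh-command by autofs(8).
#

if [ "\$(id -un)" != "root" ]; then
  logger -s -i -t autosshfs "user \${USER} is not authorized to run autosshfs-as-${username}"
  exit 1
fi

# automount(8) sends -a -x -oClearAllForwardings=yes -2 HOST -s sftp
exec sudo -H -u "${username}" -i "${PREFIX}/sbin/autosshfs-ssh" "\${5}"
${generator}
EOD
  then
    rm -f -- "$wrapper_tmp"
    fail "cannot write ${SSH_WRAPPER}"
  fi

  # Any failure here aborts the lookup instead of leaving a wrapper with the
  # wrong owner or mode behind.
  if ! { chown "root:${GROUP}" "$wrapper_tmp" &&
         chmod 0750 "$wrapper_tmp" &&
         mv -f -- "$wrapper_tmp" "$SSH_WRAPPER"; }
  then
    rm -f -- "$wrapper_tmp"
    fail "cannot install ${SSH_WRAPPER}"
  fi
fi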

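OPTS="-fstype=fuse,rw,allow_other,umask=077,noatime,nosuid,nodev"
OPTS="${OPTS},workaround=rename,ssh_command=${SSH_WRAPPER}"

# The lookup key may name a host that is not in the user's SSH
# configuration file, in the form
#
#  [user@]host[:port]
#
# When a port is given, port=PORT is appended to the mount options and the
# connection goes to [user@]host.

HOST="${1}"

test -n "$HOST" || fail "missing key: did you use autofs?"

# Split on the first colon.  The original code measured the colon position
# in an undefined variable, so a port in the key was never recognised.
if [[ "$HOST" == *:* ]]
then
  PORT="${HOST#*:}"
  HOST="${HOST%%:*}"

  # The port ends up inside a comma-separated option list, so it must be a
  # plain decimal number and nothing else.
  [[ "$PORT" =~ ^[0-9]{1,5}$ ]] || fail "invalid port in key"
  (( 10#$PORT >= 1 && 10#$PORT <= 65535 )) || fail "invalid port in key"

  OPTS="${OPTS},port=${PORT}"
fi

# The key is whatever name was looked up under the mountpoint and is copied
# into the map entry below.  Accept only characters that can occur in
# [user@]host, so the key cannot add fields or options to the entry; this
# also rejects dot-file probes.  Widen the set here if host aliases on this
# site need other characters.
[[ "$HOST" =~ ^[A-Za-z0-9_][A-Za-z0-9_.@-]*$ ]] || fail "invalid host in key"

# -fstype=fuse,rw,allow_other,... / sshfs\#remote_host:/
# printf with %s emits the values verbatim; echo -e would also have
# interpreted backslash escapes contained in them.
printf '%s \t/\t sshfs\\#%s:/\n' "${OPTS}" "${HOST}"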
